Merge branch 'es/unpack-trees-oob-fix' into maint

The code that tries to skip over the entries for the paths in a single directory using the cache-tree was not careful enough against corrupt index file. * es/unpack-trees-oob-fix: unpack-trees: watch for out-of-range index position
author: Junio C Hamano <gitster@pobox.com> 2020-02-14 12:42:27 -0800
committer: Junio C Hamano <gitster@pobox.com> 2020-02-14 12:42:28 -0800
commit: 5ae057d9a8c79fea1ad58658660d9fe42668e972 (patch)
tree: faac78a5ef54762f3a7983d76d9354711a0b868a /unpack-trees.c
parent: Merge branch 'bc/run-command-nullness-after-free-fix' into maint (diff)
parent: unpack-trees: watch for out-of-range index position (diff)
download: tgif-5ae057d9a8c79fea1ad58658660d9fe42668e972.tar.xz
1 files changed, 4 insertions, 2 deletions
diff --git a/unpack-trees.c b/unpack-trees.c
index 2399b6818b..2f4e2e494a 100644
--- a/unpack-trees.c
+++ b/unpack-trees.c
@@ -694,9 +694,11 @@ static int index_pos_by_traverse_info(struct name_entry *names,
 	if (pos >= 0)
 		BUG("This is a directory and should not exist in index");
 	pos = -pos - 1;
-	if (!starts_with(o->src_index->cache[pos]->name, name.buf) ||
+	if (pos >= o->src_index->cache_nr ||
+	    !starts_with(o->src_index->cache[pos]->name, name.buf) ||
 	    (pos > 0 && starts_with(o->src_index->cache[pos-1]->name, name.buf)))
-		BUG("pos must point at the first entry in this directory");
+		BUG("pos %d doesn't point to the first entry of %s in index",
+		    pos, name.buf);
 	strbuf_release(&name);
 	return pos;
 }
author	Junio C Hamano <gitster@pobox.com>	2020-02-14 12:42:27 -0800
committer	Junio C Hamano <gitster@pobox.com>	2020-02-14 12:42:28 -0800
commit	5ae057d9a8c79fea1ad58658660d9fe42668e972 (patch)
tree	faac78a5ef54762f3a7983d76d9354711a0b868a /unpack-trees.c
parent	Merge branch 'bc/run-command-nullness-after-free-fix' into maint (diff)
parent	unpack-trees: watch for out-of-range index position (diff)
download	tgif-5ae057d9a8c79fea1ad58658660d9fe42668e972.tar.xz